chemicaluser Posted May 4, 2008 Share Posted May 4, 2008 Hi, I am working on a simple registration form. What I am trying to do is make sure that the same email is not used to sign up. This is what my code looks like now - it still lets me sign up with the same email. Any suggestions? <?php $page_title = 'Register'; include ('./includes/header.html'); // Check if the form has been submitted. if (isset($_POST['submitted'])) { require_once ('./includes/mysql_connect.php'); // Connect to the db. // function for escaping the data. function escape_data ($data) { global $dbc; // Need the connection. if (ini_get('magic_quotes_gpc')) { $data = stripslashes($data); } return mysql_real_escape_string(trim($data), $dbc); } // End of function. $errors = array(); // Initialize error array. // Check for a first name. if (empty($_POST['first_name'])) { $errors[] = 'You forgot to enter your first name.'; } else { $fn = escape_data($_POST['first_name']); } // Check for a last name. if (empty($_POST['last_name'])) { $errors[] = 'You forgot to enter your last name.'; } else { $ln = escape_data($_POST['last_name']); } // Check for an email address. if (empty($_POST['email'])) { $errors[] = 'You forgot to enter your email address.'; } else { $e = escape_data($_POST['email']); } // Check for a password and match against the confirmed password. if (!empty($_POST['password1'])) { if ($_POST['password1'] != $_POST['password2']) { $errors[] = 'Your password did not match the confirmed password.'; } else { $p = escape_data($_POST['password1']); } } else { $errors[] = 'You forgot to enter your password.'; } if (empty($errors)) { // If everything's okay. // Check for previous registration. $query = "SELECT user_id FROM users WHERE email='$e'"; $result = mysql_query($query); if (mysql_num_rows($result) == 0) { // Make the query. $query = "INSERT INTO users (first_name, last_name, email, password, registration_date) VALUES ('$fn', '$ln', '$e', SHA('$p'), NOW() )"; $result = @mysql_query ($query); // Run the query. if ($result) { // If it ran OK. // Print a message. echo '<h1 id="mainhead">Thank you!</h1> <p>You are now registered.</p><p><br /></p>'; // Include the footer and quit the script (to not show the form). include ('./includes/footer.html'); exit(); } else { // If it did not run OK. echo '<h1 id="mainhead">System Error</h1> <p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>'; // Public message. echo '<p>' . mysql_error() . '<br /><br />Query: ' . $query . '</p>'; // Debugging message. include ('./includes/footer.html'); exit(); } } else { // Already registered. echo '<h1 id="mainhead">Error!</h1> <p class="error">The email address has already been registered.</p>'; } } else { // Report the errors. echo '<h1 id="mainhead">Error!</h1> <p class="error">The following error(s) occurred:<br />'; foreach ($errors as $msg) { // Print each error. echo " - $msg<br />\n"; } echo '</p><p>Please try again.</p><p><br /></p>'; } // End of if (empty($errors)) IF. mysql_close(); // Close the database connection. } // End of the main Submit conditional. ?> <h2>Register</h2> <form action="register.php" method="post"> <p>First Name: <input type="text" name="first_name" size="15" maxlength="15" value="<?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>" /></p> <p>Last Name: <input type="text" name="last_name" size="15" maxlength="30" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" /></p> <p>Email Address: <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /> </p> <p>Password: <input type="password" name="password1" size="10" maxlength="20" /></p> <p>Confirm Password: <input type="password" name="password2" size="10" maxlength="20" /></p> <p><input type="submit" name="submit" value="Register" /></p> <input type="hidden" name="submitted" value="TRUE" /> </form> <?php include ('./includes/footer.html'); ?> Link to comment https://forums.phpfreaks.com/topic/104026-email-varification-need-help-with-code/ Share on other sites More sharing options...
hitman6003 Posted May 4, 2008 Share Posted May 4, 2008 Check the result of the query you issue to check to a duplicate email address... $query = "SELECT user_id FROM users WHERE email='$e'"; die($query); Then execute that query in your mysql interface of choice. See if you get the expected result when executing it this way. Link to comment https://forums.phpfreaks.com/topic/104026-email-varification-need-help-with-code/#findComment-532534 Share on other sites More sharing options...
monkeypaw201 Posted May 4, 2008 Share Posted May 4, 2008 SHA('$p') in your query should be SHA1('$p') Link to comment https://forums.phpfreaks.com/topic/104026-email-varification-need-help-with-code/#findComment-532536 Share on other sites More sharing options...
hitman6003 Posted May 4, 2008 Share Posted May 4, 2008 SHA('$p') in your query should be SHA1('$p') ...actually, doesn't matter: SHA() is synonymous with SHA1(). http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html#function_sha1 Link to comment https://forums.phpfreaks.com/topic/104026-email-varification-need-help-with-code/#findComment-532543 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.